Resources
11 April 2021
The short story about Clubhouse user scraping and social graphs
During this RedTeam testing, we used Clubhouse as a social engineering tool to find out more about our client's employees. UPDATE: While we were preparing this article for publication, cybernews.com reported: 1.3 million scraped user records leaked online for ...
16 March 2020
r00kie-kr00kie. Exploring the kr00k attack
We created and published a PoC exploit of the kr00k attack (CVE-2019-15126): https://github.com/hexway/r00kie-kr00kie All technical details can be found in the Process section. INTRODUCTION AND MOTIVATION In February 2020, ESET released the KR00K - CVE-2019-15126 SERIOUS VULNERABILITY DEEP INSIDE ...
29 January 2020
Piercing the Shield. Breaking the FunctionShield cloud security library
We've found a vulnerability in FunctionShield, a cloud security library, that allows bypassing its tightest restrictions completely. All technical details can be found in the "Process" section. Cloud computing platforms are highly common these days. Fortunately, the times when ...
8 October 2019
Apple bleee. Everyone knows What Happens on Your iPhone
Users value their privacy, and Apple understands that. We even see related PR activities. "What happens on your iPhone, stays on your iPhone." Let's see if it's true. If Bluetooth is ON on your Apple device everyone nearby can ...
26 April 2022
Hive & Apiary 0.39.0. Multi-Factor Authentication and Checklist Cards
Hello, Hexway users! Today we have released a pack of features you may want to start using already today. This release mostly affects Apiary features — our Blue Team workspace for a systematized work with pentest findings on the client’s ...
31 March 2022
Hexway Hive 0.37.1 version. Checklists and methodologies sync with Apiary
Let’s say there is a typical pentest report. Basically, it’s just a PDF file with all found vulnerabilities. Normally, this would be enough. But if pentest company wants clients to be loyal and returning, they may want to think of ...
3 March 2022
Hive 0.36 version. New report generator & custom issues
Introduction First of all, we want to share this fantastic news with you… We have added what you wanted for so long! It’s an updated (super cool) report generator and (also super cool) customizable issues! *Yay* So, it’s time for ...
22 December 2021
Hive 0.33.1 version. Log4J & issue statuses
A vulnerability was found aaaand fixed, don't worry! What's in this update? Log4j vulnerability fix Draft & Ready issue statuses Bugfix we hope will make your life better! Log4j vulnerability fix You've definitely heard about this whole Log4j vulnerability situation. ...
15 November 2021
Hive 0.30.1 version. Nuclei & Amass integrations
Hey, hexwayers! We are happy to have all of you here. So, let's take a short tour around our new update. We’ve added Nuclei and Amass scanners integration. Yay! What’s in this update? Nuclei scanner export Amass scanner export Interface ...
22 September 2021
Hive 0.27 version. Labor dashboard & notifications
Hey Hexwayers & our guests! A new day brings you a new release. What’s in it for you today? Cross-project pentesters labor dashboard Notification system update Utility name import via API Bugfix & other small upgrades Let’s have a closer ...
29 June 2021
Hive 0.23 version. Advanced import, project dashboard, credential store and more!
We listen to your feedback (BTW, here is our Discord) and are trying to implement new features as fast as possible. Meet new Hive features: Advanced import settings Project Dashboard Main View Pagination Credential store Small bug fixes Advanced import ...
16 June 2021
Hive API. The easiest way to integrate your tool with Hexway Hive
Hi there! Currently, Hexway Hive supports integration with the following utility tools: Nmap/Masscan Metasploit Cobalt Strike Nessus However, there are much more tools we want our solution to be integratable with. That said, many teams use proprietary tools, and we're ...
31 May 2021
Hive 0.20.1 version. New parser engine and Metasploit & Cobalt Strike integration
New parser engine We have completely redesigned the operation principles of our parsing system and have changed data visualization in the interface! Now, when you click on a hostname, IP, or port, the Import tab is available on the right ...
21 April 2021
Hexway Hive 0.13.1 version. Nessus integration
We can’t wait to share an important Hive update with you! Now you can import scan results from Nessus directly. This improvement should facilitate the discovery stage of the pentesting process covered by Hive. Much has been done to make ...
12 March 2021
Hexway Hive online demo version is out!
We understand that sometimes to test a new product you need sufficient time for preparation and installation. That’s why we’ve decided to publish this Hive online demo. This version should make it easier to work with our pentest collaborative tool ...
11 May 2022
CYBERSECURITY NEWS V. April – Lapsus$ Hackers Target T-Mobile, Coca-Cola under cyber attack
News FYI The Bored Ape Yacht Club's Discord server has been hacked An unknown hacker has broken into the official Discord server dedicated to NFT holders Bored Ape Yacht Club, Mutant Ape Yacht Club and Mutant Ape Kennel Club - ...
30 April 2022
Top 4 Methodologies for Efficient Penetration Testing
A penetration test (pentest) is a proactive security test where a pen tester or ethical hacker deliberately attacks the organization’s network and systems. The goal is to proactively find and fix existing security gaps before they can be exploited by ...
26 April 2022
Hive & Apiary 0.39.0. Multi-Factor Authentication and Checklist Cards
Hello, Hexway users! Today we have released a pack of features you may want to start using already today. This release mostly affects Apiary features — our Blue Team workspace for a systematized work with pentest findings on the client’s ...
13 April 2022
Why Hexway Hive Report Generator is Ahead of Other Reporting Tools
Penetration Testing is a great way to gain insight into the security capabilities, shortcomings, and scope for improvement for any company. While pentest is an essential tool to maintain a competitive edge over hackers, the efficacy of the test depends ...
5 April 2022
CYBERSECURITY NEWS V. March – Anonymous declares cyberwar, Samsung source code leak, Denso under cyberattack
hexway cybersecurity blog brings you the latest news about attacks and data breaches, emerging malware, and vendor security updates News FYI Samsung confirms source code leak The South American hacker group Lapsus$ hacked into Samsung networks. It claimed to have ...
31 March 2022
Hexway Hive 0.37.1 version. Checklists and methodologies sync with Apiary
Let’s say there is a typical pentest report. Basically, it’s just a PDF file with all found vulnerabilities. Normally, this would be enough. But if pentest company wants clients to be loyal and returning, they may want to think of ...
14 March 2022
CYBERSECURITY NEWS V. February – Anonymous declares cyberwar on Russia, decryption keys for Egregor, Sekhmet, and Maze
hexway cybersecurity blog brings you the latest news about attacks and data breaches, emerging malware, and vendor security updates News FYI 13 NFTs stolen, $3 million lost A Twitter user calling himself larrylawliet (@iloveponzi) reported the loss of his NTF ...
5 March 2022
How to Write an Effective Pentest Report: 5 Key Sections
As a pentester, you play a critical role in helping to secure an organization’s infrastructure, assets, and data from bad actors. While conducting pen tests, you simulate cyberattacks on your enterprise network and deliberately exploit existing vulnerabilities to assess your ...
3 March 2022
Hive 0.36 version. New report generator & custom issues
Introduction First of all, we want to share this fantastic news with you… We have added what you wanted for so long! It’s an updated (super cool) report generator and (also super cool) customizable issues! *Yay* So, it’s time for ...
28 February 2022
Vulnerability assessment or Penetration testing: what to choose?
Vulnerabilities. Threats. Risks. Smart, well-informed cybersecurity professionals are intimately familiar with these terms. They also know that they must identify and address the vulnerabilities, threats, and risks affecting their organization to protect it from catastrophic cyberattacks and data breaches. To ...
25 February 2022
Vulnerability Management 101: what is it?
Vulnerability Management for Stronger Enterprise Cybersecurity 2021 was a booming year for cyberattackers. In many such attacks, they exploited vulnerabilities in enterprise networks to disrupt operations, access business-critical resources, and even steal sensitive data. One such high-profile incident was the ...
Copyright © 2022 Hexway.
All rights reserved
All rights reserved
Stay up to date
Greate!
Check your mail
Thank you for your
demo request!
demo request!
We will be happy to see you as our future user!
Such a pleasure
to hear from you!
to hear from you!
We will answer as soon as possible.
O-oh, you're using mobile device instead of desktop 😕
Come back later from your PC to try all of our features!
Come back later from your PC to try all of our features!
I still want to check out demo, even if it can be crooked
